VulnerableCode Package Details - pkg:pypi/gerapy@0.9.3b1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/gerapy@0.9.3b1

Essentials
History (4)

purl	pkg:pypi/gerapy@0.9.3b1

Next non-vulnerable version	0.9.9
Latest non-vulnerable version	0.9.9
Risk

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-fzyr-wa1k-27ey Aliases: CVE-2021-32849 GHSA-756h-r2c9-qp5j PYSEC-2022-17	Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds.	0.9.9 Affected by 0 other vulnerabilities.
VCID-gd14-gxnv-gyg1 Aliases: CVE-2021-44597 GHSA-29vr-79w7-p649 PYSEC-2022-228	An Access Control vunerabiity exists in Gerapy v 0.9.7 via the spider parameter in project_configure function.	0.9.8 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-h1s2-tcvq-c7ca Aliases: CVE-2021-43857 GHSA-9w7f-m4j4-j3xw PYSEC-2021-867	Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8.	0.9.8 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-tmgd-wek5-wkaz Aliases: CVE-2020-7698 GHSA-g57j-q48p-9vm2 PYSEC-2020-44 SNYK-PYTHON-GERAPY-572470	This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the project_configure endpoint, isn’t being sanitized.	0.9.3 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:17:08.287827+00:00	Pypa Importer	Affected by	VCID-gd14-gxnv-gyg1	https://github.com/pypa/advisory-database/blob/main/vulns/gerapy/PYSEC-2022-228.yaml	38.6.0
2026-06-02T04:16:21.323233+00:00	Pypa Importer	Affected by	VCID-fzyr-wa1k-27ey	https://github.com/pypa/advisory-database/blob/main/vulns/gerapy/PYSEC-2022-17.yaml	38.6.0
2026-06-02T04:16:15.465065+00:00	Pypa Importer	Affected by	VCID-h1s2-tcvq-c7ca	https://github.com/pypa/advisory-database/blob/main/vulns/gerapy/PYSEC-2021-867.yaml	38.6.0
2026-06-02T04:06:53.098289+00:00	Pypa Importer	Affected by	VCID-tmgd-wek5-wkaz	https://github.com/pypa/advisory-database/blob/main/vulns/gerapy/PYSEC-2020-44.yaml	38.6.0